4 * @file src/Module/Login.php
7 namespace Friendica\Module\Security;
9 use Friendica\BaseModule;
10 use Friendica\Core\Config;
11 use Friendica\Core\Hook;
12 use Friendica\Core\L10n;
13 use Friendica\Core\Renderer;
14 use Friendica\Core\Session;
16 use Friendica\Module\Register;
17 use Friendica\Util\Strings;
22 * @author Hypolite Petovan <hypolite@mrpetovan.com>
24 class Login extends BaseModule
// Renders the login page by delegating to self::form() with the return path kept in the session.
// NOTE(review): this listing omits source lines 27-28 and 30-31, so the condition that guards
// the redirect on line 29 is not visible here — confirm against the full file.
26 public static function content(array $parameters = [])
29 DI::baseUrl()->redirect();
// The second argument asks form() for a registration link unless config.register_policy is Register::CLOSED.
32 return self::form(Session::get('return_path'), intval(Config::get('config', 'register_policy')) !== \Friendica\Module\Register::CLOSED);
// Handles a submitted login form: OpenID when no password was posted, otherwise username/password.
// NOTE(review): the listing skips source lines between the ones shown (38, 40-42, 46, 48, 50-51, 54, 58+),
// so statements and braces on those lines are not visible here.
35 public static function post(array $parameters = [])
// return_path is read first and written back afterwards; whatever happens on the omitted line 38
// is presumably a session reset that this pair is meant to survive — confirm against the full file.
37 $return_path = Session::get('return_path');
39 Session::set('return_path', $return_path);
// OpenID branch condition: no password posted, and either an OpenID URL or a username was.
43 empty($_POST['password'])
44 && (!empty($_POST['openid_url'])
45 || !empty($_POST['username']))
// The username field doubles as the OpenID identifier when openid_url is empty. The value comes
// straight from the request and is only trimmed here, so any validation of the identifier has to
// happen inside withOpenId() — TODO confirm.
47 $openid_url = trim(($_POST['openid_url'] ?? '') ?: $_POST['username']);
49 DI::auth()->withOpenId($openid_url, !empty($_POST['remember']));
// Password branch: entered only when the form carries auth-params=login.
52 if (!empty($_POST['auth-params']) && $_POST['auth-params'] === 'login') {
// The first argument to withPassword() sits on the omitted line 54.
53 DI::auth()->withPassword(
55 trim($_POST['username']),
// trim() also strips leading/trailing whitespace from the password before it is checked.
56 trim($_POST['password']),
57 !empty($_POST['remember'])
63 * Wrapper for adding a login box.
65 * @param string $return_path The path relative to the base the user should be sent
66 * back to after login completes
67 * @param bool $register If $register == true provide a registration link.
68 * This will almost always depend on the value of config.register_policy.
69 * @param array $hiddens optional
71 * @return string Returns the complete html for inserting into the page
73 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
74 * @hooks 'login_hook' string $o
// Assembles the login (or logout) box markup in $o from a template and hands it to the 'login_hook' hook.
// NOTE(review): many source lines are missing from this listing (for example 77-79, 81-82, 98-100, 112-113,
// 122-125, 127-128, 156+), so initialisations, branch conditions and the return statement are not visible.
76 public static function form($return_path = null, $register = false, $hiddens = [])
80 $noid = Config::get('system', 'no_openid');
// Drops any OpenID state kept in the session; presumably only when $noid is set (the condition is on an omitted line).
83 Session::remove('openid_identity');
84 Session::remove('openid_attributes');
// A registration link is offered only when the caller asked for one AND the policy is not CLOSED.
88 if ($register && intval(DI::config()->get('config', 'register_policy')) !== Register::CLOSED) {
90 'title' => DI::l10n()->t('Create a New Account'),
91 'desc' => DI::l10n()->t('Register'),
92 'url' => self::getRegisterURL()
// Without an explicit return path the current query string is used, i.e. a request-derived value.
96 if (is_null($return_path)) {
97 $return_path = DI::args()->getQueryString();
// Two templates are used: logout.tpl and login.tpl; the condition choosing between them is on omitted lines.
101 $tpl = Renderer::getMarkupTemplate('logout.tpl');
103 DI::page()['htmlhead'] .= Renderer::replaceMacros(
104 Renderer::getMarkupTemplate('login_head.tpl'),
106 '$baseurl' => DI::baseUrl()->get(true)
110 $tpl = Renderer::getMarkupTemplate('login.tpl');
// Stores the return path for use after login. It may originate from the query string (line 97), so the
// code that later redirects to it should accept local paths only — NOTE(review): that consumer is not in this file view.
111 $_SESSION['return_path'] = $return_path;
// With an OpenID identity already in the session, the OpenID field is pre-filled and read-only, and the
// user is asked to log in with a password to attach the OpenID to an existing account.
114 if (!empty(Session::get('openid_identity'))) {
115 $openid_title = DI::l10n()->t('Your OpenID: ');
116 $openid_readonly = true;
117 $identity = Session::get('openid_identity');
118 $username_desc = DI::l10n()->t('Please enter your username and password to add the OpenID to your existing account.');
120 $openid_title = DI::l10n()->t('Or login using OpenID: ');
121 $openid_readonly = false;
126 $o .= Renderer::replaceMacros(
129 '$dest_url' => DI::baseUrl()->get(true) . '/login',
130 '$logout' => DI::l10n()->t('Logout'),
131 '$login' => DI::l10n()->t('Login'),
133 '$lname' => ['username', DI::l10n()->t('Nickname or Email: '), '', $username_desc],
134 '$lpassword' => ['password', DI::l10n()->t('Password: '), '', ''],
135 '$lremember' => ['remember', DI::l10n()->t('Remember me'), 0, ''],
// $identity is the session's OpenID identity; no escaping is applied here, so output encoding is left to the template — TODO confirm.
138 '$lopenid' => ['openid_url', $openid_title, $identity, '', $openid_readonly],
// $hiddens is passed to the template exactly as the caller supplied it.
140 '$hiddens' => $hiddens,
144 '$lostpass' => DI::l10n()->t('Forgot your password?'),
145 '$lostlink' => DI::l10n()->t('Password Reset'),
147 '$tostitle' => DI::l10n()->t('Website Terms of Service'),
148 '$toslink' => DI::l10n()->t('terms of service'),
150 '$privacytitle' => DI::l10n()->t('Website Privacy Policy'),
151 '$privacylink' => DI::l10n()->t('privacy policy'),
// Hook callbacks receive the rendered markup in $o (documented above as: @hooks 'login_hook' string $o).
155 Hook::callAll('login_hook', $o);
161 * Get the URL to the register page and add OpenID parameters to it
// Builds the relative URL of the register page, adding query parameters taken from the OpenID
// identity and attributes stored in the session.
// NOTE(review): source lines 164, 166-169, 171, 191-195 and others are missing from this listing, so the
// early return, the initialisation of $args and the condition before line 196 are not visible.
163 private static function getRegisterURL()
// No OpenID identity in the session: the branch body is on omitted lines.
165 if (empty(Session::get('openid_identity'))) {
// Attribute values are presumably supplied by the user's OpenID provider, i.e. external input — verify
// where 'openid_attributes' is written. Text values go through Strings::escapeTags(trim(...)); that helper
// is defined elsewhere, so what exactly it neutralises cannot be told from here.
170 $attr = Session::get('openid_attributes', []);
172 if (is_array($attr) && count($attr)) {
173 foreach ($attr as $k => $v) {
174 if ($k === 'namePerson/friendly') {
175 $nick = Strings::escapeTags(trim($v));
177 if ($k === 'namePerson/first') {
178 $first = Strings::escapeTags(trim($v));
180 if ($k === 'namePerson') {
181 $args['username'] = Strings::escapeTags(trim($v));
183 if ($k === 'contact/email') {
184 $args['email'] = Strings::escapeTags(trim($v));
// Image attribute values are hex-encoded with bin2hex() instead of being tag-escaped.
186 if ($k === 'media/image/aspect11') {
187 $photosq = bin2hex(trim($v));
189 if ($k === 'media/image/default') {
190 $photo = bin2hex(trim($v));
// Nickname: $nick is used, with the first name as fallback (the leading condition is on an omitted line).
196 $args['nickname'] = $nick;
197 } elseif (!empty($first)) {
198 $args['nickname'] = $first;
// Photo: the 'aspect11' image is preferred over the default image.
201 if (!empty($photosq)) {
202 $args['photo'] = $photosq;
203 } elseif (!empty($photo)) {
204 $args['photo'] = $photo;
207 $args['openid_url'] = Strings::escapeTags(trim(Session::get('openid_identity')));
// http_build_query() URL-encodes every value. The parameters still travel in a URL the user can edit,
// so the register page has to validate them again on arrival.
209 return 'register?' . http_build_query($args);